正如您在标题中看到的那样,问题是使自定义用户详细信息服务正常工作。它只是没有登录,似乎没有调用customuserdetails服务,因为sysouts没有在控制台中显示...
它在内存功能方面具有弹簧安全性的魅力。以下是我的代码。
Spring Security Config:
@Configuration
@EnableWebSecurity
@ComponentScan(basePackageClasses = CustomUserDetailsService.class)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
UserDetailsService userDetailsService;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
//auth.inMemoryAuthentication().withUser("ram").password("ram123").roles("ADMIN");
auth.userDetailsService(userDetailsService).passwordEncoder(passwordencoder());
}
@Override
public void configure(WebSecurity web) throws Exception {
web
.ignoring()
.antMatchers("/bower_components/**", "/resources/**", "/img/**"); // #3
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic().and().csrf().disable()
.authorizeRequests()
.antMatchers("/", "/home", "/call").permitAll() // #4
.antMatchers("/resource", "/video").hasRole("USER") // #6
.anyRequest().authenticated();
}
@Bean(name="passwordEncoder")
public PasswordEncoder passwordencoder(){
return new BCryptPasswordEncoder();
}
}
CustomUserDetailsService
@Service("customUserDetailsService")
public class CustomUserDetailsService implements UserDetailsService{
private UserService userService;
@Override
public UserDetails loadUserByUsername(String ssoId)
throws UsernameNotFoundException {
User user = userService.findByUsername(ssoId);
System.out.println("User : "+user);
if(user==null){
System.out.println("User not found");
throw new UsernameNotFoundException("Username not found");
}
return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(),
user.isEnabled(), true, true, true, getGrantedAuthorities(user));
}
private List<GrantedAuthority> getGrantedAuthorities(User user){
List<GrantedAuthority> authorities = new ArrayList<>();
authorities.add(new SimpleGrantedAuthority(user.getRole()));
System.out.print("authorities :"+authorities);
return authorities;
}
}
初始化程序类
@SpringBootApplication
@EnableWebSocket
public class One2OneCallApp implements WebSocketConfigurer {
@Bean
public CallHandler callHandler() {
return new CallHandler();
}
@Bean
public UserRegistry registry() {
return new UserRegistry();
}
@Bean
public KurentoClient kurentoClient() {
return KurentoClient.create();
}
@Bean
public UiApplication uiApplication(){
return new UiApplication();
}
@Bean
public CustomUserDetailsService customUserDetailsService(){
return new CustomUserDetailsService();
}
@Bean
public SecurityConfig securityConfig(){
return new SecurityConfig();
}
@Bean
public EncryptPassword encryptPassword(){
return new EncryptPassword();
}
@Override
public void registerWebSocketHandlers(WebSocketHandlerRegistry registry) {
registry.addHandler(callHandler(), "/call");
}
public static void main(String[] args) throws Exception {
System.out.println("Iniciando");
new SpringApplication(One2OneCallApp.class).run(args);
}
}
我还测试了与数据库的通信,它工作得很好。我正在寻求任何帮助。抱歉英语不好。谢谢大家!
编辑:在下面回答我自己的问题。
答案 0 :(得分:0)
在SecurityConfig课程中:
@Autowired
CustomUserDetailsService customUserDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(customUserDetailsService);
}
答案 1 :(得分:0)
更改
@Autowired
UserDetailsService userDetailsService;
到
@Autowired
CustomUserDetailsService userDetailsService;
此外,在您的web / socket配置中导入安全配置并在那里移动组件扫描,而不是在安全性上
@ComponentScan(basePackageClasses = CustomUserDetailsService.class)
@Import(value = { SecurityConfig.class })
public class WebConfig extends WebMvcConfigurerAdapter { /*...*/ }
答案 2 :(得分:0)
您正在安全配置中设置hasRole(“”),并且您正在使用权限进行身份验证。
而不是使用.antMatchers(“/ resource”,“/ video”)。hasRole(“USER”) 使用.antMatchers(“/ resource”,“/ video”)。hasAuthority(“USER”)
答案 3 :(得分:-3)
我最终坚持使用内置的内存验证,只是为了我必须做的演示。我认为我的问题与弹簧启动和我的应用程序中的初始化有关。